3.2.31. snmp

SNMP configuration.

vsr running config# vrf <vrf> snmp

enabled (pushed)

Enable or disable the SNMP engine.

vsr running config# vrf <vrf> snmp
vsr running snmp# enabled true|false

Default value

true

listen

Configuration of the transport endpoint on which the engine listens.

vsr running config# vrf <vrf> snmp listen

protocols

The protocols used for connecting to the SNMP agent.

vsr running config# vrf <vrf> snmp listen
vsr running listen# protocols PROTOCOLS

PROTOCOLS values	Description
udp	UDP.
tcp	TCP.
udp6	UDPv6.
tcp6	TCPv6.

Default value

udp

port

The TCP or UDP port on which the engine listens.

vsr running config# vrf <vrf> snmp listen
vsr running listen# port PORT

PORT	A 16-bit port number used by a transport protocol such as TCP or UDP.

Default value

161

static-info

Most of the information reported by the SNMP agent is retrieved from the underlying system. However, certain MIB objects can be configured with a static value.

vsr running config# vrf <vrf> snmp static-info

location

System location (sysLocation.0) object value.

vsr running config# vrf <vrf> snmp static-info
vsr running static-info# location <string>

contact

System contact (sysContact.0) object value.

vsr running config# vrf <vrf> snmp static-info
vsr running static-info# contact <string>

name

System name (sysName.0) object value.

vsr running config# vrf <vrf> snmp static-info
vsr running static-info# name <string>

services

Value of the sysServices.0 object. For a host system, a good value is 72 (application + end-to-end layers).

vsr running config# vrf <vrf> snmp static-info
vsr running static-info# services <uint8>

description

System description of the SNMP agent (sysDescr.0).

vsr running config# vrf <vrf> snmp static-info
vsr running static-info# description <string>

object-id

System OID (sysObjectOID.0) object value.

vsr running config# vrf <vrf> snmp static-info
vsr running static-info# object-id OBJECT-ID

OBJECT-ID

SNMP object identifier either as a label or numeric form.

view

A named ‘view’ - a subset of the overall OID tree.

vsr running config# vrf <vrf> snmp view <string>

<string>

The name of the view.

subtree

A part of the OID tree to include or exclude from the view.

vsr running config# vrf <vrf> snmp view <string>
vsr running view <string># subtree <subtree> included true|false

<subtree>

SNMP object identifier either as a label or numeric form.

included

Set to false to exclude this OID from the view.

included true|false

Default value

true

community

An SNMPv1 or SNMPv2c community.

vsr running config# vrf <vrf> snmp community <string>

<string>

The name of the community.

authorization (mandatory)

The authorization level of the community.

vsr running config# vrf <vrf> snmp community <string>
vsr running community <string># authorization AUTHORIZATION

AUTHORIZATION

Available authentication levels.

source

Restrict access to requests from the specified address or prefix list.

vsr running config# vrf <vrf> snmp community <string>
vsr running community <string># source SOURCE

SOURCE values	Description
<host>	The host type represents either an unzoned IP address or a DNS domain name.
<ip-prefix>	An IPv4 or IPv6 prefix: address and CIDR mask.

view

Restricts access for that community to the subtree rooted at the given view name. If not specified, the community has access to the whole OID tree.

vsr running config# vrf <vrf> snmp community <string>
vsr running community <string># view <leafref>

monitored-vrf

Monitored VRF.

vsr running config# vrf <vrf> snmp monitored-vrf <string>

<string>

The name of the monitored VRF.

identifier

Identifier to access the monitored VRF, acts as a community for SNMPv1 or SNMPv2c and as a context for SNMPv3.

vsr running config# vrf <vrf> snmp monitored-vrf <string> identifier <string>

<string>

The monitored VRF identifier (community for SNMPv1 or SNMPv2c and context for SNMPv3).

authorization (mandatory)

The authorization level of the identifier.

vsr running config# vrf <vrf> snmp monitored-vrf <string> identifier <string>
vsr running identifier <string># authorization AUTHORIZATION

AUTHORIZATION

Available authentication levels.

source

Restrict access to requests from the specified address or prefix list for SNMPv1 or SNMPv2.

vsr running config# vrf <vrf> snmp monitored-vrf <string> identifier <string>
vsr running identifier <string># source SOURCE

SOURCE values	Description
<host>	The host type represents either an unzoned IP address or a DNS domain name.
<ip-prefix>	An IPv4 or IPv6 prefix: address and CIDR mask.

view

Restricts access to the subtree rooted at the given view name. If not specified, the identifier has access to the whole OID tree.

vsr running config# vrf <vrf> snmp monitored-vrf <string> identifier <string>
vsr running identifier <string># view <leafref>

traps

Active monitoring and automatic notifications configuration.

vsr running config# vrf <vrf> snmp monitored-vrf <string> traps

destination

The destination of SNMPv1 TRAPs, SNMPv2c TRAP2s, or SNMPv2 INFORM notifications.

vsr running config# vrf <vrf> snmp monitored-vrf <string> traps destination <leafref>

<leafref>

The receiver address to use.

community (mandatory)

The community string to use when sending traps to this destination.

vsr running config# vrf <vrf> snmp monitored-vrf <string> traps destination <leafref>
vsr running destination <leafref># community <leafref>

access-control

SNMPv3 access control configuration.

vsr running config# vrf <vrf> snmp access-control

user

An SNMPv3 user.

vsr running config# vrf <vrf> snmp access-control user <string>

<string>

The name of the user (securityName).

auth-password (mandatory)

The authentication password.

vsr running config# vrf <vrf> snmp access-control user <string>
vsr running user <string># auth-password <string>

auth-method

The authentication method.

vsr running config# vrf <vrf> snmp access-control user <string>
vsr running user <string># auth-method AUTH-METHOD

AUTH-METHOD values	Description
md5	MD5.
sha	SHA.

Default value

sha

priv-password

The privacy (encryption) password. If not specified, it is assumed to be the same as the authentication password.

vsr running config# vrf <vrf> snmp access-control user <string>
vsr running user <string># priv-password <string>

priv-protocol

The encryption protocol.

vsr running config# vrf <vrf> snmp access-control user <string>
vsr running user <string># priv-protocol PRIV-PROTOCOL

PRIV-PROTOCOL values	Description
aes	AES.
des	DES.

Default value

aes

group

An SNMPv3 group.

vsr running config# vrf <vrf> snmp access-control group <string>

<string>

The name of the group.

user

Name of a user to add to this group.

vsr running config# vrf <vrf> snmp access-control group <string>
vsr running group <string># user <leafref>

security-level (mandatory)

The security level enforced on this group.

vsr running config# vrf <vrf> snmp access-control group <string>
vsr running group <string># security-level SECURITY-LEVEL

SECURITY-LEVEL values	Description
auth	Authentication is required.
priv	Authentication and encryption are required.

view

Restricts access for that group to the subtree rooted at the given view name. If not specified, the group has access to the whole OID tree.

vsr running config# vrf <vrf> snmp access-control group <string>
vsr running group <string># view <leafref>

authorization

The authorization level of this group.

vsr running config# vrf <vrf> snmp access-control group <string>
vsr running group <string># authorization AUTHORIZATION

AUTHORIZATION

Available authentication levels.

Default value

read-only

traps

Active monitoring and automatic notifications configuration.

vsr running config# vrf <vrf> snmp traps

destination

Notification receiver that should be sent SNMPv1 TRAPs, SNMPv2c TRAP2s, or SNMPv2 INFORM notifications.

vsr running config# vrf <vrf> snmp traps
vsr running traps# destination <destination> port PORT protocol PROTOCOL \
... notification-type NOTIFICATION-TYPE community <leafref>

<destination>

The host type represents either an unzoned IP address or a DNS domain name.

port

The port number of the host where to send the traps.

port PORT

PORT	A 16-bit port number used by a transport protocol such as TCP or UDP.

Default value

162

protocol

The protocol used to connect to the destination host.

protocol PROTOCOL

PROTOCOL values	Description
udp	UDP.
tcp	TCP.
udp6	UDPv6.
tcp6	TCPv6.

Default value

udp

notification-type (mandatory)

The type of notifications that is to be sent to the specified host.

notification-type NOTIFICATION-TYPE

NOTIFICATION-TYPE values	Description
TRAP	Send SNMPv1 TRAPs to the specified host.
TRAP2	Send SNMPv2c TRAP2s to the specified host.
INFORM	Send SNMPv2 INFORM notifications to the specified host.

community (mandatory)

The community string to use when sending traps to this destination.

community <leafref>

authfail-check

Monitor authentication failures.

vsr running config# vrf <vrf> snmp traps
vsr running traps# authfail-check enabled true|false

enabled

Enable or disable authentication failures monitoring.

enabled true|false

Default value

true

link-status-check

Monitor network interfaces being taken up or down, triggering a linkUp or linkDown notification as appropriate.

vsr running config# vrf <vrf> snmp traps
vsr running traps# link-status-check frequency FREQUENCY enabled true|false

frequency

Check for network interfaces being taken up or down every <frequency> period.

frequency FREQUENCY

FREQUENCY

Value in seconds or optionnally suffixed by one of s (for seconds), m (for minutes), h (for hours), d (for days) or w (for weeks).

Default value

60s

enabled

Enable or disable link status monitoring.

enabled true|false

Default value

true

process-check

Monitor the important processes of the system, triggering a notification when one of them is not alive.

vsr running config# vrf <vrf> snmp traps
vsr running traps# process-check frequency FREQUENCY enabled true|false

frequency

Check for network interfaces being taken up or down every <frequency> period.

frequency FREQUENCY

FREQUENCY

Value in seconds or optionnally suffixed by one of s (for seconds), m (for minutes), h (for hours), d (for days) or w (for weeks).

Default value

2s

enabled

Enable or disable process monitoring.

enabled true|false

Default value

true

disk-space-check

Enables monitoring of all disks found on the system, using the specified (percentage) threshold.

vsr running config# vrf <vrf> snmp traps
vsr running traps# disk-space-check threshold <uint8> frequency FREQUENCY \
... enabled true|false

threshold (mandatory)

The minimum free disk space in percentage of the total space.

threshold <uint8>

frequency

Check for free disk space every <frequency> period.

frequency FREQUENCY

FREQUENCY

Value in seconds or optionnally suffixed by one of s (for seconds), m (for minutes), h (for hours), d (for days) or w (for weeks).

Default value

5m

enabled

Enable or disable disk space monitoring.

enabled true|false

Default value

true

load-check

Enables monitoring of the load average and trigger notifications if it goes above the specified thresholds.

vsr running config# vrf <vrf> snmp traps
vsr running traps# load-check threshold <uint16> enabled true|false

threshold (mandatory)

The maximum system load average.

threshold <uint16>

enabled

Enable or disable system load monitoring.

enabled true|false

Default value

true